Microsoft Endpoint Manager Intune

Dynamische Gruppe für Autopilot Devices: Query:
(device.devicePhysicalIDs -any (_ -contains "[ZTDId]"))

For all iPhone and iPad devices:
(device.deviceOSType -contains "iPhone" -or device.deviceOSType -contains "iPad")

For all iPhone and iPad devices that are personal devices:
(device.deviceOSType -contains "iPhone" -or device.deviceOSType -contains "iPad") -and (device.deviceOwnership -contains "Personal")

For all iPhone and iPad devices that are corporate devices:
(device.managementType -eq "MDM") -and (device.deviceOwnership -eq "Company") -and ((device.deviceOSType -eq "iPad") -or (device.deviceOSType -eq "iPhone") -or (device.deviceOSType -eq "iPod"))
oder
(device.deviceOSType -contains "iPhone" -or device.deviceOSType -contains "iPad") -and (device.deviceOwnership -contains "Company")

For all Apple Company devices that are setup with a ADM Profile:
(device.managementType -eq "MDM") -and (device.enrollmentProfileName -eq "iOS-Devices Verwaltung") -and ((device.deviceOSType -eq "iPad") -or (device.deviceOSType -eq "iPhone") -or (device.deviceOSType -eq "iPod"))


For macOS devices:
(device.deviceOSType -contains "OSX" -or device.deviceOSType -contains "macOS" -or device.deviceOSType -contains "MacMDM")

For macOS devices that are personal devices:
(device.deviceOSType -contains "OSX" -or device.deviceOSType -contains "macOS" -or device.deviceOSType -contains "MacMDM") -and (device.deviceOwnership -contains "Personal")

For macOS devices that are corporate devices:
(device.deviceOSType -contains "OSX" -or device.deviceOSType -contains "macOS" -or device.deviceOSType -contains "MacMDM") -and (device.deviceOwnership -contains "Company")

For iPhone devices:
(device.deviceOSType -contains "iPhone")

For iPad devices:
(device.deviceOSType -contains "iPad")

For Android devices:
(device.deviceOSType -contains "Android")

For all Windows Autopilot Devices:
(device.devicePhysicalIDs -any (_ -startsWith "[ZTDid]")) and (device.devicePhysicalIDs -any (_ -startsWith "[Orderid]"))


Hardware ID Auslesen für Autopilot:

Um im OOBE Prozess ein Fenster zu öffnen muss man [SHIFT]+[F10] drücken.

New-Item -Type Directory -Path "C:\HWID"
Set-Location -Path "C:\HWID"
$env:Path += ";C:\Program Files\WindowsPowerShell\Scripts"
Set-ExecutionPolicy -Scope Process -ExecutionPolicy RemoteSigned
Install-Script -Name Get-WindowsAutopilotInfo
Get-WindowsAutopilotInfo -OutputFile AutopilotHWID.csv

PowerShell.exe -ExecutionPolicy Bypass
Install-Script -name Get-WindowsAutopilotInfo -Force
Set-ExecutionPolicy -Scope Process -ExecutionPolicy RemoteSigned
Get-WindowsAutopilotInfo -Online

Windows Store wieder installieren:

wsreset -i

Winget reinstall:

Add-AppxPackage -RegisterByFamilyName -MainPackage Microsoft.DesktopAppInstaller_8wekyb3d8bbwe

Winget von externer Source installieren:

$progressPreference = 'silentlyContinue'
$latestWingetMsixBundleUri = $(Invoke-RestMethod https://api.github.com/repos/microsoft/winget-cli/releases/latest).assets.browser_download_url | Where-Object {$_.EndsWith(".msixbundle")}
$latestWingetMsixBundle = $latestWingetMsixBundleUri.Split("/")[-1]
Write-Information "Downloading winget to artifacts directory…"
Invoke-WebRequest -Uri $latestWingetMsixBundleUri -OutFile "./$latestWingetMsixBundle"
Invoke-WebRequest -Uri https://aka.ms/Microsoft.VCLibs.x64.14.00.Desktop.appx -OutFile Microsoft.VCLibs.x64.14.00.Desktop.appx
Add-AppxPackage Microsoft.VCLibs.x64.14.00.Desktop.appx
Add-AppxPackage $latestWingetMsixBundle

Winget Source List:

winget source list

Upgrade von allen Installierten Programmen:

winget upgrade --all --force --accept-source-agreements --accept-package-agreements

Audit Modus starten
In dem OOBE Screen (Out of the box experience) die Tastenkombination [STRG] + [Shift] + [F3] drücken. Dann wird der Administrator aktiviert, und Windows meldet uns als Administrator an. Dies können wir nutzen, um zum Beispiel ein Image einer Windows-Installation anzufertigen.